<?php
require_once('BaseDAO.php');

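/**
 * Data-access object for rows of the `user` table.
 *
 * Security notes for maintainers:
 * - The credential lookups compare the Password column with MySQL's MD5()
 *   of the supplied value. MD5 is an unsalted, fast hash and is not suitable
 *   for password storage. Moving to password_hash()/password_verify() needs
 *   a migration of the stored values, so it is not attempted in this class.
 * - Queries are assembled as strings from values escaped with
 *   mysqli_real_escape_string(). That escaping is only reliable when the
 *   connection character set has been set through mysqli_set_charset();
 *   NOTE(review): confirm where Database configures the connection.
 *   Prepared statements (mysqli_prepare()) would remove this dependency.
 * - stripslashes() is applied before escaping and is kept so existing
 *   behaviour does not change. It removes backslashes from the input, so a
 *   password containing a backslash is matched in its stripped form.
 *   NOTE(review): confirm the registration path stores the same form.
 */
class UserDAO extends BaseDAO
{
    /**
     * Name passed as the first argument to addItem()/updateItem();
     * presumably the table name, since it matches `user` in the queries below.
     */
    const USER = "user";

    /**
     * Looks up a user row by username, password and payment value.
     *
     * @param string $username Login name as supplied by the caller.
     * @param string $password Clear-text password; hashed with MD5() in SQL.
     * @param string $payment  Value compared with the Payment column.
     * @return array|null|false First matching row as an associative array,
     *                          null when no row matches or no result set was
     *                          produced, false if fetching fails.
     */
    public function getUserWithPayment($username, $password, $payment)
    {
        $connection = Database::getInstance()->getConnection();
        $username = $this->escapeForUserQuery($connection, $username);
        $password = $this->escapeForUserQuery($connection, $password);
        $payment = $this->escapeForUserQuery($connection, $payment);

        $sql = "SELECT * FROM `user` WHERE Username='$username' and Password=MD5('$password') and Payment='$payment'";
        return $this->fetchSingleUserRow($sql);
    }

    /**
     * Looks up a user row by username and password.
     *
     * @param string $username Login name as supplied by the caller.
     * @param string $password Clear-text password; hashed with MD5() in SQL.
     * @return array|null|false First matching row as an associative array,
     *                          null when no row matches or no result set was
     *                          produced, false if fetching fails.
     */
    public function getUser($username, $password)
    {
        $connection = Database::getInstance()->getConnection();
        $username = $this->escapeForUserQuery($connection, $username);
        $password = $this->escapeForUserQuery($connection, $password);

        $sql = "SELECT * FROM `user` WHERE Username='$username' and Password=MD5('$password')";
        return $this->fetchSingleUserRow($sql);
    }

    /**
     * Forwards a new user record, unchanged, to addItem().
     *
     * NOTE(review): escaping and password hashing of $user are not visible
     * in this file; verify them in the caller and in addItem().
     *
     * @param mixed $user Record to insert; its shape is defined by addItem().
     */
    public function registerUser($user)
    {
        $this->addItem(self::USER, $user);
    }

    /**
     * Forwards an updated user record and its id, unchanged, to updateItem().
     *
     * @param mixed $user   Record holding the new values; shape defined by updateItem().
     * @param mixed $userId Identifier of the row to update.
     */
    public function updateUser($user, $userId)
    {
        $this->updateItem(self::USER, $user, $userId);
    }

    /**
     * Looks up a user row by username only (no credential check).
     *
     * @param string $username Login name as supplied by the caller.
     * @return array|null|false First matching row as an associative array,
     *                          null when no row matches or no result set was
     *                          produced, false if fetching fails.
     */
    public function getUserByUsername($username)
    {
        $connection = Database::getInstance()->getConnection();
        $username = $this->escapeForUserQuery($connection, $username);

        $sql = "SELECT * FROM `user` WHERE Username='$username'";
        return $this->fetchSingleUserRow($sql);
    }

    /**
     * Applies the escaping shared by the lookup queries to one value:
     * stripslashes() first, then mysqli_real_escape_string().
     *
     * @param mysqli $connection Connection used for charset-aware escaping.
     * @param string $value      Raw value to place inside a quoted SQL literal.
     * @return string Escaped value.
     */
    private function escapeForUserQuery($connection, $value)
    {
        return mysqli_real_escape_string($connection, stripslashes($value));
    }

    /**
     * Runs a query through executeQuery() and returns its first row.
     *
     * executeQuery() is not defined in this file. If it returns anything
     * other than a mysqli_result (for example false after a failed query),
     * this method returns null so that a credential lookup fails closed
     * instead of raising a TypeError in mysqli_fetch_assoc() on PHP 8.
     *
     * @param string $sql Complete SQL statement.
     * @return array|null|false Row as an associative array, null when there
     *                          is no row or no result set, false on fetch failure.
     */
    private function fetchSingleUserRow($sql)
    {
        $result = $this->executeQuery($sql);
        if (!($result instanceof mysqli_result)) {
            return null;
        }

        return mysqli_fetch_assoc($result);
    }
}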

?>